Editor’s Picks

Moodle LMS security leaves 1000’s of servers vulnerable

By eLearning Inside
August 09, 2017

Breaking news from TechTarget:

A series of logic flaws in Moodle enabled attackers to remotely execute code on servers. Expert Michael Cobb explains how the Moodle security vulnerability can be exploited.

Moodle lms security vulnerability

A vulnerability found in Moodle, an open source, PHP-based learning management system used by tens of thousands of universities internationally, left servers and their data open to compromise. According to the researcher that discovered the issue, the Moodle security vulnerability is actually made up of several small flaws, and it can enable attackers to execute PHP code on related servers. What does this vulnerability entail, and what can be done about it?

Netanel Rubin, security researcher and CEO of Vaultra, found that by exploiting a series of minor vulnerabilities, he could chain them together to remotely execute code on a server running Moodle.

Read the rest of this story at TechTarget (registration required).

2 Comments

  1. Thank you, Lauen – If schools are looking for help with an OCR claim or an accessibility audit of your learning platform, please contact me at: michele@accessible360.com and let me know you saw Hillary’s post here for an Elearning Inside News discount for audits scheduled by 12.31.2017.

    We are an approved vendor tp perform education industry live-user audits and we’ve been doing them since 2007.

    Thank you!